CVE-2026-48955: Unauthorized Access to Joomla Workflow Stage & Transition Info
CVE-2026-48955 Published on July 7, 2026

Joomla! Core - [20260709] - Incorrect Access Control in com_workflow
An improper access check allows unauthorized users to access workflow stage and transition information.

Vendor Advisory NVD

Weakness Type

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2026-48955 has been classified to as an Authorization vulnerability or weakness.


Products Associated with CVE-2026-48955

Want to know whenever a new CVE is published for Joomla? stack.watch will email you.

 

Affected Versions

Joomla! Project Joomla! CMS Version 6.0.0-6.1.1 is affected by CVE-2026-48955